Create NSX-T firewall rules without using groups???

  Рет қаралды 3,506

NRDY Tech

NRDY Tech

Күн бұрын

Пікірлер: 16
@TechAndWanderlust
@TechAndWanderlust 2 жыл бұрын
Just connected with you on linkedin fellow tech comrade! Under Phillip Balderos.
@GEINA100
@GEINA100 2 жыл бұрын
How about doing it on L7 firewall?
@PhanToMaTiK
@PhanToMaTiK 7 ай бұрын
Regarding the rule, now web02a could not ping itself right?
@mohamedabo-elazm9475
@mohamedabo-elazm9475 2 жыл бұрын
any suggestions for lab or something to use to pass the nsx-deploy VCAP ?
@trevspires
@trevspires 2 жыл бұрын
but mike.... my VMware SE told me I should always use tags!!! You're telling me I can just block an IP without the 5 extra clicks of putting it into a group?!?!?! - MADNESS. 😂
@NRDYTech
@NRDYTech 2 жыл бұрын
Haha! You just described me perfectly...but, I thought it was super cool that this is NOT a huge PITA anymore
@TechAndWanderlust
@TechAndWanderlust 2 жыл бұрын
Looking for some advice. I have 3 Dell Power Edge T320 servers running ESXi 7.0. I also have a VMUG advantage subscription which gives me access to NSX-T amongst other products. I am deploying NSX-T to my lab and wondering if I need to have a 4th server to deploy edge? I kind of wanted to do a compute domain and workload domain to follow along with some hands on labs I found on line. Am I over thinking it?
@NRDYTech
@NRDYTech 2 жыл бұрын
What is the specs on your Dell T320's? RAM/CPU?
@TechAndWanderlust
@TechAndWanderlust 2 жыл бұрын
@@NRDYTech 32gb RAM each and CPU is Intel Xeon E5-1400 v1 or v2 or E5-2400 v1.
@NRDYTech
@NRDYTech 2 жыл бұрын
If it was me, I would do this: T320 #1 - vCenter (12Gb), 2x nested ESXi (8gb RAM each). T320 #2- 2x more nested ESXi (12gb each - use these as the hosts that you'll run your NSX edges on). T320 #3- NSX-T Manager. That's it! Just nested ESXi and it's a tight fit, but you can make it all work with what you've got.
@TechAndWanderlust
@TechAndWanderlust 2 жыл бұрын
@@NRDYTech Nice! Thank you! I will give it a shot with that config
@thomasc2246
@thomasc2246 2 жыл бұрын
when i realised that we are working in same company!! LOL
@asharma538
@asharma538 2 жыл бұрын
Thank you sir !! Can you please tell us if I apply the same rule on gateway firewall and DFW, which one would take precedence. I would imagine it is DFW since it sits in VMkernel and gateway is on the edge SR component.
@NRDYTech
@NRDYTech 2 жыл бұрын
DFW is always processed first! Gateway is processed as traffic goes through it. For inbound traffic from the internet that means it would hit the gateway FW first. But for normal outbound traffic from the VM, DFW first.
@sylverhawk9730
@sylverhawk9730 2 жыл бұрын
@@NRDYTech Hey Mike, great vid, i cant believe all this time i totally ignored the fact that u can directly add ip addresses at the source and destination sections 🤣 BTW was just wondering if u had any experience with customers who started with VLAN backed rules but are going to start using overlay backed networks and will have a mixture of Overlay and VLAN backed DFW rules, the reason i ask is because What if the customer was doing simple L2 Intra-VLAN protection using DFW, but complex L3 Inter-VLAN protection is performed at the physical firewall, But now if overlay backed networks are introduced, they can do more complex rules within DFW as the rules dont need to be defined at the physical firewall level but in turn may interfere with existing VLAN rules. The only way i can think of is by creating separate groups and rules to ensure the VLAN and Overlay rules don't mix with one another or is there a better way? Hope you don't mind me asking, and keep up the great work!!!
@rogergagne3970
@rogergagne3970 2 жыл бұрын
I used that process with my last customer.
NSX-T Fundamentals: Logical Networking
15:40
Jeffrey Kusters
Рет қаралды 32 М.
NEVER install these programs on your PC... EVER!!!
19:26
JayzTwoCents
Рет қаралды 4,7 МЛН
REAL or FAKE? #beatbox #tiktok
01:03
BeatboxJCOP
Рет қаралды 18 МЛН
What is an SR/DR? \\ NSX-T Routing Basics
6:51
NRDY Tech
Рет қаралды 4,6 М.
Basic Setup and Configuring pfsense Firewall Rules For Home
17:27
Lawrence Systems
Рет қаралды 394 М.
How NSX-T Routing Works (SIMPLE explanation!)
25:33
NRDY Tech
Рет қаралды 33 М.
Lateral Security with NSX and Generative AI
47:36
VMware vDefend
Рет қаралды 1,2 М.
[How-To] VLAN-backed Segments in NSX-T 3.0
9:27
NRDY Tech
Рет қаралды 9 М.
Palo Alto Firewall - Security Policy Rules [2023]
8:19
NETSums
Рет қаралды 8 М.